CPE-07BE46B0-6D22-4B16-B911-A3EB7D6312E6 Detail

CPE Details

HashiCorp Consul 1.1.1 Enterprise Edition

Vendor

hashicorp

Product

consul

Version

1.1.1

Created

2019-10-25 16:34 +00:00

Last Modified

2019-10-25 16:34 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Alert management

List of Alerts

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:hashicorp:consul:1.1.1::::enterprise:::

Informations

Vendor

hashicorp

Product

consul

Version

1.1.1

Software Edition

enterprise

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2022-40716	2022-09-22 22:00 +00:00	HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions. Fixed in 1.11.9, 1.12.5, and 1.13.2."	6.5	MEDIUM
CVE-2022-29153	2022-04-18 22:00 +00:00	HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5.	7.5	HIGH
CVE-2021-38698	2021-09-07 09:45 +00:00	HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. Fixed in 1.8.15, 1.9.9 and 1.10.2.	6.5	MEDIUM
CVE-2021-37219	2021-09-07 09:33 +00:00	HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2.	8.8	HIGH
CVE-2020-25864	2021-04-20 11:07 +00:00	HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14.	6.1	MEDIUM
CVE-2021-3121	2021-01-11 04:57 +00:00	An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.	8.6	HIGH
CVE-2020-7219	2020-01-31 11:39 +00:00	HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3.	7.5	HIGH
CVE-2018-19653	2018-12-09 18:00 +00:00	HashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent RPC communication because the verify_outgoing setting is improperly documented. NOTE: the vendor has provided reconfiguration steps that do not require a software upgrade.	5.9	MEDIUM

Lists Vulnerabilities

Sorted by Year

CVE Statistics

Specific Views

Vendors List

Products List

Lists CWE

Specific Views

Lasts 7 CWE

Lists CAPEC

Specifics Views

7 Lasts CAPEC

CPE Details

Alerte pour un CPE

Functionality requiring a connection

CPE Name: cpe:2.3:a:hashicorp:consul:1.1.1::::enterprise:::

Informations

Vendor

Product

Version

Software Edition

Related CVE

Lists Vulnerabilities

Sorted by Year

CVE Statistics

Specific Views

CVE

OWASP

CISA KEV

Vendors List

Products List

Lists CWE

Specific Views

Lasts 7 CWE

Lists CAPEC

Specifics Views

7 Lasts CAPEC

No result found

Alert System

HashiCorp Consul 1.1.1 Enterprise Edition

CPE Details

Alerte pour un CPE

CPE Name: cpe:2.3:a:hashicorp:consul:1.1.1:*:*:*:enterprise:*:*:*

Informations

Vendor

Product

Version

Software Edition

Related CVE

CPE Name: cpe:2.3:a:hashicorp:consul:1.1.1::::enterprise:::